Video ESET’s research team reveals details about the onboarding process of the Telekopye scam operation and the various methods that the fraudsters use to defraud people online 24 Nov 2023 How do aspiring fraudsters become members of a scam operation that helps them defraud people on online marketplaces? ESET researchers recently discovered and analyzed Telekopye,
Nov 25, 2023NewsroomData Security / Vulnerability The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files. A brief description of the vulnerabilities is as follows – Disclosure of sensitive credentials and configuration in containerized deployments impacting graphapi versions from
House sales and purchases across the UK have been disrupted by a cyber-attack affecting multiple conveyancing firms. CTS, a legal sector specialist infrastructure service provider, confirmed in a statement that it has experienced a service outage caused by a cyber-incident. The firm said the cyber-attack has impacted a portion of the services it delivers to
We recently published a blogpost about Telekopye, a Telegram bot that helps cybercriminals scam people in online marketplaces. Telekopye can craft phishing websites, emails, SMS messages, and more. In the first part, we wrote about technical details of Telekopye and hinted at hierarchical structure of its operational groups. In this second part, we focus on
Nov 25, 2023NewsroomCyber Attack / Threat Intelligence An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what’s suspected to be an advanced persistent threat (APT) attack. The web shell, a dynamic-link library (DLL) named “hrserv.dll,” exhibits “sophisticated features such as custom encoding methods for client communication and
The Akamai Security Incident Response Team (SIRT) has detected increased activity targeting a rarely used TCP port across its global honeypots. The investigation conducted in late October 2023 revealed a specific HTTP exploit path, identifying two zero-day exploits being actively leveraged in the wild. The first exploit targeted network video recorders (NVRs) used in CCTV
Digital Security AI-driven voice cloning can make things far too easy for scammers – I know because I’ve tested it so that you don’t have to learn about the risks the hard way. Jake Moore 22 Nov 2023 • , 6 min. read The recent theft of my voice brought me to a new fork in the
Nov 24, 2023NewsroomCloud security / Data Protection Cybersecurity researchers are warning of publicly exposed Kubernetes configuration secrets that could put organizations at risk of supply chain attacks. “These encoded Kubernetes configuration secrets were uploaded to public repositories,” Aqua security researchers Yakir Kadkoda and Assaf Morag said in a new research published earlier this week. Some
A critical vulnerability in Apache ActiveMQ, identified as CVE-2023-46604, has been exposed, revealing an active exploitation scenario by the notorious Kinsing malware. According to an advisory published by Trend Micro on Monday, the discovery underscores the implications for Linux systems, as the vulnerability allows for remote code execution (RCE) due to inadequate validation of throwable
Digital Security What happens when problems caused by autonomous vehicles are not the result of errors, but the result of purposeful attacks? 21 Nov 2023 • , 7 min. read Fleets of robotaxis hit the brakes, citing the need to “rebuild public trust”. This story had been brewing for a while. It seemed fairly inconsequential
Nov 23, 2023NewsroomSoftware Supply Chain Attack A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed by a Taiwanese multimedia software developer called CyberLink to target downstream customers via a supply chain attack. “This malicious file is a legitimate CyberLink application installer that has been
Security researchers have detected a Russian-language Word document carrying a malicious macro in the ongoing Konni campaign. Despite its September 2023 creation date, FortiGuard Labs’ internal telemetry revealed continued activity on the campaign’s command-and-control (C2) server. This long-running campaign utilizes a remote access Trojan (RAT) capable of extracting information and executing commands on compromised devices, employing
Nov 22, 2023NewsroomSEO poisoning / Malware Analysis The macOS information stealer known as Atomic is now being delivered to target via a bogus web browser update chain tracked as ClearFake. “This may very well be the first time we see one of the main social engineering campaigns, previously reserved for Windows, branch out not only
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a Mitigation Guide specifically tailored for the Healthcare and Public Health (HPH) sector. The new guide outlines defensive mitigation strategies and best practices to counteract prevalent cyber-threats targeting critical infrastructure in the healthcare domain. The paper, published on Friday, emphasizes the importance of vulnerability management,
Nov 21, 2023NewsroomCyber Attack / Cyber Espionage The China-linked Mustang Panda actor has been linked to a cyber attack targeting a Philippines government entity amid rising tensions between the two countries over the disputed South China Sea. Palo Alto Networks Unit 42 attributed the adversarial collective to three campaigns in August 2023, primarily singling out
Royal Mail has revealed a multimillion-pound cost attached to a serious ransomware breach it suffered earlier this year. The British postal service company was hit by a LockBit affiliate, in an incident which caused “severe service disruption” for items sent abroad. It later transpired that the ransomware actors were demanding nearly $80m from the firm
An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade. The Appin Software Security (aka Appin Security Group), according to an in-depth analysis from SentinelOne, began as an educational startup offering offensive security training programs, while carrying
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have released a detailed cybersecurity advisory on the sophisticated Scattered Spider threat group, urging critical infrastructure (CNI) firms to implement its mitigation recommendations. The group (also known as 0ktapus, Starfraud, UNC3944, Scatter Swine, Octo Tempest and Muddled Libra) is thought to be responsible for big-name
Social Media How much contact and personal information do you give away in your LinkedIn profile and who can see it? Here’s why less may be more. Daniel Cunha Barbosa 16 Nov 2023 • , 4 min. read Several friends recently asked me how cybercriminals could gain access to their contact data, especially their mobile
The threat actors behind the 8Base ransomware are leveraging a variant of the Phobos ransomware to conduct their financially motivated attacks. The findings come from Cisco Talos, which has recorded an increase in activity carried out by cybercriminals. “Most of the group’s Phobos variants are distributed by SmokeLoader, a backdoor trojan,” security researcher Guilherme Venere
involving the spoofing of luxury brands, including Louis Vuitton, Rolex, and Ray-Ban. The hackers craft enticing emails promising heavy discounts on these luxury products, with the email addresses manipulated to mimic the authenticity of the brands. Despite the appearance of legitimacy, a closer look reveals that the email origins have no connection to the actual
Video An attack against a port operator that ultimately hobbled some 40 percent of Australia’s import and export capacity highlights the kinds of supply chain shocks that a successful cyberattack can cause 17 Nov 2023 This week, one of Australia’s major port operators, DP World, had to pull the plug on its internet connection and
Nov 18, 2023NewsroomCyber Attack / USB Worm Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities. Check Point, which detailed Gamaredon’s (aka Aqua Blizzard, Iron Tilden, Primitive Bear, Shuckworm, and Winterflounder) latest tactics, branded the group as engaging
The Cloud Security Alliance (CSA) has introduced the Certificate of Competence in Zero Trust (CCZT), the industry’s inaugural authoritative zero trust certification. CSA said the certification responds to the evolving landscape of pervasive technology and the inadequacy of legacy security models. It aims to equip security professionals with the knowledge necessary to develop and implement
Nov 17, 2023NewsroomPatch Management / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerabilities are as follows – CVE-2023-36584 (CVSS score: 5.4) – Microsoft Windows Mark-of-the-Web (MotW) Security Feature Bypass Vulnerability
The US Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its inaugural roadmap for artificial intelligence (AI). The initiative aligns with President Biden’s recent Executive Order, which directed DHS to globally promote AI safety standards, safeguard US networks and critical infrastructure, and address the potential weaponization of AI. The roadmap
Nov 16, 2023NewsroomCyber Warfare / Threat Intelligence Russian threat actors have been possibly linked to what’s been described as the “largest cyber attack against Danish critical infrastructure,” in which 22 companies associated with the operation of the country’s energy sector were targeted in May 2023. “22 simultaneous, successful cyberattacks against Danish critical infrastructure are not
Security researchers have discovered a total of 3938 unique secrets on PyPI, the official third-party package management system for the Python community, across all projects, with 768 of them validated as authentic. Notably, 2922 projects contained at least one unique secret. Among the leaked secrets were various credentials, including AWS Keys, Redis credentials, Google API
We Live Progress Discover six games that will provide valuable knowledge while turning learning about digital security into an enjoyable and rewarding adventure Luiza Pires 14 Nov 2023 • , 4 min. read In this day and age, knowing your way around the digital world is not merely a valuable asset – it is a
Nov 15, 2023NewsroomPatch Tuesday / Zero-Day Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of the 63 flaws, three are rated Critical, 56 are rated Important, and four are rated Moderate in severity.
- « Previous Page
- 1
- …
- 36
- 37
- 38
- 39
- 40
- …
- 123
- Next Page »